[jira] [Updated] (CLOUDSTACK-2761) [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC
[ https://issues.apache.org/jira/browse/CLOUDSTACK-2761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Animesh Chaturvedi updated CLOUDSTACK-2761: --- Status: Ready To Review (was: In Progress) > [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC > - > > Key: CLOUDSTACK-2761 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2761 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Network Controller >Affects Versions: 4.2.0 > Environment: commit # 8d1189c2ae87216bc1c4a1443f75e9a8629abdc2 >Reporter: venkata swamybabu budumuru >Assignee: Jayapal Reddy >Priority: Blocker > Fix For: 4.2.0 > > Attachments: logs.tgz > > > Steps to reproduce: > 1. Have latest CloudStack build with at least 1 advanced zone > 2. Have at least 1 VMware cluster with 1 host. > 3. Create a VPC with at least 1 Tier > 4. deploy a VM > 5. apply an ACL to allow all > 6. acquire at least 1 IP > 7. create PF/staticNAT on the above created IP to the VM created in step (4) > Observations: > (i) It failed to create staticNAT with the following error > 2013-05-30 08:05:20,203 DEBUG [agent.manager.DirectAgentAttache] > (DirectAgent-38:null) Seq 1-1416495168: Response Received: > 2013-05-30 08:05:20,206 DEBUG [agent.transport.Request] (DirectAgent-38:null) > Seq 1-1416495168: Processing: { Ans: , MgmtId: 7280707764394, via: 1, Ver: > v1, Flags: 0, [{"routing.IpAssocAnswer":{"results":["10.147.44.63 - > success"],"result":true,"wait":0}}] } > 2013-05-30 08:05:20,207 DEBUG [agent.transport.Request] > (catalina-exec-19:null) Seq 1-1416495168: Received: { Ans: , MgmtId: > 7280707764394, via: 1, Ver: v1, Flags: 0, { IpAssocAnswer } } > 2013-05-30 08:05:20,211 INFO [cloud.network.NetworkManagerImpl] > (catalina-exec-19:null) Let VpcVirtualRouter handle StaticNat in network 204 > 2013-05-30 08:05:20,223 DEBUG > [network.router.VirtualNetworkApplianceManagerImpl] (catalina-exec-19:null) > Applying static nat rules in network Ntwk[204|Guest|11] > 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request] > (catalina-exec-19:null) Seq 1-1416495169: Sending { Cmd , MgmtId: > 7280707764394, via: 1, Ver: v1, Flags: 11, > [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}] > } > 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request] > (catalina-exec-19:null) Seq 1-1416495169: Executing: { Cmd , MgmtId: > 7280707764394, via: 1, Ver: v1, Flags: 11, > [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}] > } > 2013-05-30 08:05:20,289 DEBUG [agent.manager.DirectAgentAttache] > (DirectAgent-16:null) Seq 1-1416495169: Executing request > 2013-05-30 08:05:20,290 INFO [vmware.resource.VmwareResource] > (DirectAgent-16:10.147.40.12) Executing resource SetFirewallRuleCommand: > {"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0} > 2013-05-30 08:05:20,290 DEBUG [vmware.resource.VmwareResource] > (DirectAgent-16:10.147.40.12) Use router's private IP for SSH control. IP : > 10.147.40.62 > 2013-05-30 08:05:21,746 ERROR [utils.ssh.SshHelper] > (DirectAgent-16:10.147.40.12) SSH execution of command /root/firewall.sh -A > -l 10.147.44.63 -r 10.0.1.188 -d 0:0 -G has an error status code in return. > result output: Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > iptables v1.4.14: option "--set-mark" requires an argument > Try `iptables -h' or 'iptables --help' for more information. > iptables: No chain/target/match by that name. > Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > Bad argument `eth0' > Try `iptables -h' or 'iptables --help' for more information. > Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > iptables: No chain/target/match by that name. > iptab
[jira] [Updated] (CLOUDSTACK-2761) [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC
[ https://issues.apache.org/jira/browse/CLOUDSTACK-2761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] venkata swamybabu budumuru updated CLOUDSTACK-2761: --- Attachment: logs.tgz > [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC > - > > Key: CLOUDSTACK-2761 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2761 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Network Controller >Affects Versions: 4.2.0 > Environment: commit # 8d1189c2ae87216bc1c4a1443f75e9a8629abdc2 >Reporter: venkata swamybabu budumuru >Priority: Blocker > Fix For: 4.2.0 > > Attachments: logs.tgz > > > Steps to reproduce: > 1. Have latest CloudStack build with at least 1 advanced zone > 2. Have at least 1 VMware cluster with 1 host. > 3. Create a VPC with at least 1 Tier > 4. deploy a VM > 5. apply an ACL to allow all > 6. acquire at least 1 IP > 7. create PF/staticNAT on the above created IP to the VM created in step (4) > Observations: > (i) It failed to create staticNAT with the following error > 2013-05-30 08:05:20,203 DEBUG [agent.manager.DirectAgentAttache] > (DirectAgent-38:null) Seq 1-1416495168: Response Received: > 2013-05-30 08:05:20,206 DEBUG [agent.transport.Request] (DirectAgent-38:null) > Seq 1-1416495168: Processing: { Ans: , MgmtId: 7280707764394, via: 1, Ver: > v1, Flags: 0, [{"routing.IpAssocAnswer":{"results":["10.147.44.63 - > success"],"result":true,"wait":0}}] } > 2013-05-30 08:05:20,207 DEBUG [agent.transport.Request] > (catalina-exec-19:null) Seq 1-1416495168: Received: { Ans: , MgmtId: > 7280707764394, via: 1, Ver: v1, Flags: 0, { IpAssocAnswer } } > 2013-05-30 08:05:20,211 INFO [cloud.network.NetworkManagerImpl] > (catalina-exec-19:null) Let VpcVirtualRouter handle StaticNat in network 204 > 2013-05-30 08:05:20,223 DEBUG > [network.router.VirtualNetworkApplianceManagerImpl] (catalina-exec-19:null) > Applying static nat rules in network Ntwk[204|Guest|11] > 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request] > (catalina-exec-19:null) Seq 1-1416495169: Sending { Cmd , MgmtId: > 7280707764394, via: 1, Ver: v1, Flags: 11, > [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}] > } > 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request] > (catalina-exec-19:null) Seq 1-1416495169: Executing: { Cmd , MgmtId: > 7280707764394, via: 1, Ver: v1, Flags: 11, > [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}] > } > 2013-05-30 08:05:20,289 DEBUG [agent.manager.DirectAgentAttache] > (DirectAgent-16:null) Seq 1-1416495169: Executing request > 2013-05-30 08:05:20,290 INFO [vmware.resource.VmwareResource] > (DirectAgent-16:10.147.40.12) Executing resource SetFirewallRuleCommand: > {"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0} > 2013-05-30 08:05:20,290 DEBUG [vmware.resource.VmwareResource] > (DirectAgent-16:10.147.40.12) Use router's private IP for SSH control. IP : > 10.147.40.62 > 2013-05-30 08:05:21,746 ERROR [utils.ssh.SshHelper] > (DirectAgent-16:10.147.40.12) SSH execution of command /root/firewall.sh -A > -l 10.147.44.63 -r 10.0.1.188 -d 0:0 -G has an error status code in return. > result output: Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > iptables v1.4.14: option "--set-mark" requires an argument > Try `iptables -h' or 'iptables --help' for more information. > iptables: No chain/target/match by that name. > Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > Bad argument `eth0' > Try `iptables -h' or 'iptables --help' for more information. > Bad argument `10.147.44.63' > Try `iptables -h' or 'iptables --help' for more information. > iptables: No chain/target/match by that name. > iptables: No chain/target/match by that name. > B